Vulnerabilities

CVE-2022-21660

by Fred · 09/02/2022

Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds.

Date published : 2022-02-09

https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-xxvh-9c87-pqjx

Similar

Tags: Cybersecurity Alert